X-Git-Url: https://vcs.fsf.org/?p=squirrelmail.git;a=blobdiff_plain;f=src%2Fcompose.php;h=297cccd250c803b3018f098086b2bd56b257758e;hp=e49b174b9e8df55e24f8795dddaec6ad2645ab2e;hb=ffde32e0842fe6f1eae576398de1ae5682437d4f;hpb=ebd2391cb0c5e3049870f90fa8a8b28707e9571a diff --git a/src/compose.php b/src/compose.php index e49b174b..297cccd2 100644 --- a/src/compose.php +++ b/src/compose.php @@ -47,9 +47,14 @@ require_once(SM_PATH . 'functions/identity.php'); /** SESSION VARS */ sqgetGlobalVar('delimiter', $delimiter, SQ_SESSION); +sqgetGlobalVar('delayed_errors', $delayed_errors, SQ_SESSION); sqgetGlobalVar('composesession', $composesession, SQ_SESSION); sqgetGlobalVar('compose_messages', $compose_messages, SQ_SESSION); -sqgetGlobalVar('delayed_errors', $delayed_errors, SQ_SESSION); + +// compose_messages only useful in SESSION when a forward-as-attachment +// has been preconstructed for us and passed in via that mechanism; once +// we have it, we can clear it from the SESSION +sqsession_unregister('compose_messages'); // Turn on delayed error handling in case we wind up redirecting below $oErrorHandler->setDelayedErrors(true); @@ -106,7 +111,7 @@ sqgetGlobalVar('addr_search_cancel', $html_addr_search_cancel, SQ_POST); sqgetGlobalVar('send_to_search', $send_to_search, SQ_POST); sqgetGlobalVar('do_delete', $do_delete, SQ_POST); sqgetGlobalVar('delete', $delete, SQ_POST); -sqgetGlobalVar('restoremessages', $restoremessages, SQ_POST); +sqgetGlobalVar('attachments', $attachments, SQ_POST); if ( sqgetGlobalVar('return', $temp, SQ_POST) ) { $html_addr_search_done = 'Use Addresses'; } @@ -317,23 +322,22 @@ function getforwardHeader($orig_header) { * If the session is expired during a post this restores the compose session * vars. */ +$session_expired = false; if (sqsession_is_registered('session_expired_post')) { sqgetGlobalVar('session_expired_post', $session_expired_post, SQ_SESSION); /* * extra check for username so we don't display previous post data from * another user during this session. */ - if ($session_expired_post['username'] != $username) { - unset($session_expired_post); - sqsession_unregister('session_expired_post'); - session_write_close(); - } else { + if (!empty($session_expired_post['username']) + && $session_expired_post['username'] == $username) { // these are the vars that we can set from the expired composed session - $compo_var_list = array ( 'send_to', 'send_to_cc','body','startMessage', - 'passed_body','use_signature','signature','attachments','subject','newmail', - 'send_to_bcc', 'passed_id', 'mailbox', 'from_htmladdr_search', 'identity', - 'draft_id', 'delete_draft', 'mailprio', 'edit_as_new', 'compose_messsages', - 'composesession', 'request_mdn', 'request_dr'); + $compo_var_list = array ('send_to', 'send_to_cc', 'body', + 'startMessage', 'passed_body', 'use_signature', 'signature', + 'subject', 'newmail', 'send_to_bcc', 'passed_id', 'mailbox', + 'from_htmladdr_search', 'identity', 'draft_id', 'delete_draft', + 'mailprio', 'edit_as_new', 'attachments', 'composesession', + 'request_mdn', 'request_dr'); foreach ($compo_var_list as $var) { if ( isset($session_expired_post[$var]) && !isset($$var) ) { @@ -341,9 +345,11 @@ if (sqsession_is_registered('session_expired_post')) { } } - $compose_messages = unserialize($restoremessages); - sqsession_register($compose_messages,'compose_messages'); + if (!empty($attachments)) + $attachments = unserialize(urldecode($attachments)); + sqsession_register($composesession,'composesession'); + if (isset($send)) { unset($send); } @@ -369,6 +375,7 @@ if (sqsession_is_registered('session_expired_post')) { showInputForm($session, false); exit(); } + if (!isset($composesession)) { $composesession = 0; sqsession_register(0,'composesession'); @@ -382,20 +389,22 @@ if (!isset($session) || (isset($newmessage) && $newmessage)) { $composesession = $session; sqsession_register($composesession,'composesession'); } -if (!isset($compose_messages)) { - $compose_messages = array(); -} - -if (!isset($compose_messages[$session]) || ($compose_messages[$session] == NULL)) { +if (!empty($compose_messages[$session])) { + $composeMessage = $compose_messages[$session]; +} else { $composeMessage = new Message(); $rfc822_header = new Rfc822Header(); $composeMessage->rfc822_header = $rfc822_header; $composeMessage->reply_rfc822_header = ''; - $compose_messages[$session] = $composeMessage; +} - sqsession_register($compose_messages,'compose_messages'); -} else { - $composeMessage=$compose_messages[$session]; +// re-add attachments that were already in this message +// FIXME: note that technically this is very bad form - +// should never directly manipulate an object like this +if (!empty($attachments)) { + $attachments = unserialize(urldecode($attachments)); + if (!empty($attachments) && is_array($attachments)) + $composeMessage->entities = $attachments; } if (empty($mailbox)) { @@ -408,13 +417,10 @@ if ($draft) { * of language interface. */ set_my_charset(); - $composeMessage=$compose_messages[$session]; if (! deliverMessage($composeMessage, true)) { showInputForm($session); exit(); } else { - unset($compose_messages[$session]); - sqsession_register($compose_messages,'compose_messages'); $draft_message = _("Draft Email Saved"); /* If this is a resumed draft, then delete the original */ if(isset($delete_draft)) { @@ -506,8 +512,6 @@ if ($send) { } $body = $newBody; - $composeMessage=$compose_messages[$session]; - $Result = deliverMessage($composeMessage); if ($Result) @@ -518,13 +522,12 @@ if ($send) { // NOTE: this hook changed in 1.5.2 from sending $Result and // $composeMessage as args #2 and #3 to being in an array // under arg #2 - do_hook('compose_send_after', $temp=array(&$Result, &$composeMessage, &$mail_sent)); + $temp = array(&$Result, &$composeMessage, &$mail_sent); + do_hook('compose_send_after', $temp); if (! $Result) { showInputForm($session); exit(); } - unset($compose_messages[$session]); - sqsession_register($compose_messages,'compose_messages'); /* if it is resumed draft, delete draft message */ if ( isset($delete_draft)) { @@ -656,7 +659,6 @@ elseif (isset($sigappend)) { } if (isset($delete) && is_array($delete)) { - $composeMessage = $compose_messages[$session]; foreach($delete as $index) { if (!empty($composeMessage->entities) && isset($composeMessage->entities[$index])) { $composeMessage->entities[$index]->purgeAttachments(); @@ -668,8 +670,6 @@ elseif (isset($sigappend)) { $new_entities[] = $entity; } $composeMessage->entities = $new_entities; - $compose_messages[$session] = $composeMessage; - sqsession_register($compose_messages, 'compose_messages'); } showInputForm($session); } else { @@ -735,7 +735,7 @@ function getforwardSubject($subject) function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $session='') { global $editor_size, $default_use_priority, $body, $idents, $use_signature, $data_dir, $username, - $key, $imapServerAddress, $imapPort, $compose_messages, + $key, $imapServerAddress, $imapPort, $composeMessage, $body_quote, $request_mdn, $request_dr, $mdn_user_support, $languages, $squirrelmail_language, $default_charset; @@ -846,7 +846,7 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se if (count($idents) > 1) { foreach($idents as $nr=>$data) { $enc_from_name = '"'.$data['full_name'].'" <'. $data['email_address'].'>'; - if($enc_from_name == $orig_from) { + if(strtolower($enc_from_name) == strtolower($orig_from)) { $identity = $nr; break; } @@ -965,8 +965,7 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se default: break; } - $compose_messages[$session] = $composeMessage; - sqsession_register($compose_messages, 'compose_messages'); +//FIXME: we used to register $compose_messages in the session here, but not any more - so do we still need the session_write_close() and sqimap_logout() here? We probably need the IMAP logout, but what about the session closure? session_write_close(); sqimap_logout($imapConnection); } @@ -992,7 +991,7 @@ function newMail ($mailbox='', $passed_id='', $passed_ent_id='', $action='', $se * @return object */ function getAttachments($message, &$composeMessage, $passed_id, $entities, $imapConnection) { - global $squirrelmail_language, $languages; + global $squirrelmail_language, $languages, $username, $attachment_dir; if (!count($message->entities) || ($message->type0 == 'message' && $message->type1 == 'rfc822')) { @@ -1021,6 +1020,8 @@ function getAttachments($message, &$composeMessage, $passed_id, $entities, $imap function_exists($languages[$squirrelmail_language]['XTRA_CODE'] . '_encode')) { $filename = call_user_func($languages[$squirrelmail_language]['XTRA_CODE'] . '_encode', $filename); } + + $hashed_attachment_dir = getHashedDir($username, $attachment_dir); $localfilename = sq_get_attach_tempfile(); $message->att_local_name = $localfilename; @@ -1028,7 +1029,7 @@ function getAttachments($message, &$composeMessage, $passed_id, $entities, $imap $localfilename); /* Write Attachment to file */ - $fp = fopen ($localfilename, 'wb'); + $fp = fopen ($hashed_attachment_dir . '/' . $localfilename, 'wb'); mime_print_body_lines ($imapConnection, $passed_id, $message->entity_id, $message->header->encoding, $fp); fclose ($fp); } @@ -1059,8 +1060,10 @@ function getMessage_RFC822_Attachment($message, $composeMessage, $passed_id, array_pop($body_a); $body = implode('', $body_a) . "\r\n"; + global $username, $attachment_dir; + $hashed_attachment_dir = getHashedDir($username, $attachment_dir); $localfilename = sq_get_attach_tempfile(); - $fp = fopen($localfilename, 'wb'); + $fp = fopen($hashed_attachment_dir . '/' . $localfilename, 'wb'); fwrite ($fp, $body); fclose($fp); $composeMessage->initAttachment('message/rfc822',$subject.'.msg', @@ -1071,14 +1074,14 @@ function getMessage_RFC822_Attachment($message, $composeMessage, $passed_id, function showInputForm ($session, $values=false) { global $send_to, $send_to_cc, $send_to_bcc, - $body, $startMessage, $action, - $use_signature, $signature, $prefix_sig, + $body, $startMessage, $action, $attachments, + $use_signature, $signature, $prefix_sig, $session_expired, $editor_size, $editor_height, $subject, $newmail, $use_javascript_addr_book, $passed_id, $mailbox, $from_htmladdr_search, $location_of_buttons, $attachment_dir, $username, $data_dir, $identity, $idents, $delete_draft, $mailprio, $compose_new_win, $saved_draft, $mail_sent, $sig_first, - $compose_messages, $composesession, $default_charset, + $composeMessage, $composesession, $default_charset, $compose_onsubmit, $oTemplate, $oErrorHandler; if (checkForJavascript()) { @@ -1090,7 +1093,6 @@ function showInputForm ($session, $values=false) { $onfocus_array = array(); } - $composeMessage = $compose_messages[$session]; if ($values) { $send_to = $values['send_to']; $send_to_cc = $values['send_to_cc']; @@ -1261,6 +1263,12 @@ function showInputForm ($session, $values=false) { showComposeButtonRow(); } + // composeMessage can be empty when coming from a restored session + if (is_object($composeMessage) && $composeMessage->entities) + $attach_array = $composeMessage->entities; + if ($session_expired && !empty($attachments) && is_array($attachments)) + $attach_array = $attachments; + /* This code is for attachments */ if ((bool) ini_get('file_uploads')) { @@ -1280,9 +1288,10 @@ function showInputForm ($session, $values=false) { } $attach = array(); - // composeMessage can be empty when coming from a restored session - if (is_object($composeMessage) && $composeMessage->entities) { - foreach ($composeMessage->entities as $key => $attachment) { + global $username, $attachment_dir; + $hashed_attachment_dir = getHashedDir($username, $attachment_dir); + if (!empty($attach_array)) { + foreach ($attach_array as $key => $attachment) { $attached_file = $attachment->att_local_name; if ($attachment->att_local_name || $attachment->body_part) { $attached_filename = decodeHeader($attachment->mime_header->getParameter('name')); @@ -1293,7 +1302,7 @@ function showInputForm ($session, $values=false) { $a['Key'] = $key; $a['FileName'] = $attached_filename; $a['ContentType'] = $type; - $a['Size'] = filesize($attached_file); + $a['Size'] = filesize($hashed_attachment_dir . '/' . $attached_file); $attach[$key] = $a; } } @@ -1311,15 +1320,12 @@ function showInputForm ($session, $values=false) { echo addHidden('username', $username). addHidden('smaction', $action). addHidden('mailbox', $mailbox); - /* - store the complete ComposeMessages array in a hidden input value - so we can restore them in case of a session timeout. - */ sqgetGlobalVar('QUERY_STRING', $queryString, SQ_SERVER); //FIXME: no direct echoing to browser, no HTML output in core! - echo addHidden('restoremessages', urlencode(serialize($compose_messages))). - addHidden('composesession', $composesession). + echo addHidden('composesession', $composesession). addHidden('querystring', $queryString). + (!empty($attach_array) ? + addHidden('attachments', urlencode(serialize($attach_array))) : ''). "\n"; if (!(bool) ini_get('file_uploads')) { /* File uploads are off, so we didn't show that part of the form. @@ -1403,28 +1409,27 @@ function checkInput ($show) { /* True if FAILURE */ function saveAttachedFiles($session) { - global $compose_messages; + global $composeMessage, $username, $attachment_dir; /* get out of here if no file was attached at all */ if (! is_uploaded_file($_FILES['attachfile']['tmp_name']) ) { return true; } + $hashed_attachment_dir = getHashedDir($username, $attachment_dir); $localfilename = sq_get_attach_tempfile(); + $fullpath = $hashed_attachment_dir . '/' . $localfilename; // m_u_f works better with restricted PHP installs (safe_mode, open_basedir), // if that doesn't work, try a simple rename. - if (!@move_uploaded_file($_FILES['attachfile']['tmp_name'],$localfilename)) { - if (!@rename($_FILES['attachfile']['tmp_name'], $localfilename)) { + if (!sq_call_function_suppress_errors('move_uploaded_file', array($_FILES['attachfile']['tmp_name'], $fullpath))) { + if (!sq_call_function_suppress_errors('rename', array($_FILES['attachfile']['tmp_name'], $fullpath))) { return true; } } - $message = $compose_messages[$session]; $type = strtolower($_FILES['attachfile']['type']); $name = $_FILES['attachfile']['name']; - $message->initAttachment($type, $name, $localfilename); - $compose_messages[$session] = $message; - sqsession_register($compose_messages , 'compose_messages'); + $composeMessage->initAttachment($type, $name, $localfilename); } /* parse values like 8M and 2k into bytes */ @@ -1546,6 +1551,14 @@ function deliverMessage($composeMessage, $draft=false) { $rfc822_header->content_type = $content_type; $composeMessage->rfc822_header = $rfc822_header; + if ($action == 'reply' || $action == 'reply_all') { + global $passed_id, $passed_ent_id; + $reply_id = $passed_id; + $reply_ent_id = $passed_ent_id; + } else { + $reply_id = ''; + $reply_ent_id = ''; + } /* Here you can modify the message structure just before we hand it over to deliver; plugin authors note that $composeMessage @@ -1576,16 +1589,12 @@ function deliverMessage($composeMessage, $draft=false) { $stream = $deliver->initStream($composeMessage,$sendmail_path); } elseif ($draft) { global $draft_folder; - require_once(SM_PATH . 'class/deliver/Deliver_IMAP.class.php'); $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 0); if (sqimap_mailbox_exists ($imap_stream, $draft_folder)) { require_once(SM_PATH . 'class/deliver/Deliver_IMAP.class.php'); $imap_deliver = new Deliver_IMAP(); - $length = $imap_deliver->mail($composeMessage); - sqimap_append ($imap_stream, $draft_folder, $length); - $imap_deliver->mail($composeMessage, $imap_stream); - sqimap_append_done ($imap_stream, $draft_folder); + $length = $imap_deliver->mail($composeMessage, $imap_stream, $reply_id, $reply_ent_id, $draft_folder); sqimap_logout($imap_stream); unset ($imap_deliver); $composeMessage->purgeAttachments(); @@ -1598,7 +1607,7 @@ function deliverMessage($composeMessage, $draft=false) { } $success = false; if ($stream) { - $length = $deliver->mail($composeMessage, $stream); + $length = $deliver->mail($composeMessage, $stream, $reply_id, $reply_ent_id); $success = $deliver->finalizeStream($stream); } if (!$success) { @@ -1615,48 +1624,13 @@ function deliverMessage($composeMessage, $draft=false) { plain_error_message($msg); } else { unset ($deliver); - $move_to_sent = getPref($data_dir,$username,'move_to_sent'); $imap_stream = sqimap_login($username, false, $imapServerAddress, $imapPort, 0); - /* Move to sent code */ - if (isset($default_move_to_sent) && ($default_move_to_sent != 0)) { - $svr_allow_sent = true; - } else { - $svr_allow_sent = false; - } - - if (isset($sent_folder) && (($sent_folder != '') || ($sent_folder != 'none')) - && sqimap_mailbox_exists( $imap_stream, $sent_folder)) { - $fld_sent = true; - } else { - $fld_sent = false; - } - - if ((isset($move_to_sent) && ($move_to_sent != 0)) || (!isset($move_to_sent))) { - $lcl_allow_sent = true; - } else { - $lcl_allow_sent = false; - } - - global $passed_id, $mailbox; - if (($fld_sent && $svr_allow_sent && !$lcl_allow_sent) || ($fld_sent && $lcl_allow_sent)) { - if ($action == 'reply' || $action == 'reply_all') { - $save_reply_with_orig=getPref($data_dir,$username,'save_reply_with_orig'); - if ($save_reply_with_orig) { - $sent_folder = $mailbox; - } - } - sqimap_append ($imap_stream, $sent_folder, $length); - require_once(SM_PATH . 'class/deliver/Deliver_IMAP.class.php'); - $imap_deliver = new Deliver_IMAP(); - $imap_deliver->mail($composeMessage, $imap_stream); - sqimap_append_done ($imap_stream, $sent_folder); - unset ($imap_deliver); - } - global $what, $iAccount, $startMessage; + // mark as replied or forwarded if applicable + // + global $what, $iAccount, $startMessage, $passed_id, $mailbox; - $composeMessage->purgeAttachments(); if ($action=='reply' || $action=='reply_all' || $action=='forward' || $action=='forward_as_attachment') { require(SM_PATH . 'functions/mailbox_display.php'); $aMailbox = sqm_api_mailbox_select($imap_stream, $iAccount, $mailbox,array('setindex' => $what, 'offset' => $startMessage),array()); @@ -1701,8 +1675,50 @@ function deliverMessage($composeMessage, $draft=false) { sqsession_register($mailbox_cache,'mailbox_cache'); } - sqimap_logout($imap_stream); } + + + // move to sent folder + // + $move_to_sent = getPref($data_dir,$username,'move_to_sent'); + if (isset($default_move_to_sent) && ($default_move_to_sent != 0)) { + $svr_allow_sent = true; + } else { + $svr_allow_sent = false; + } + + if (isset($sent_folder) && (($sent_folder != '') || ($sent_folder != 'none')) + && sqimap_mailbox_exists( $imap_stream, $sent_folder)) { + $fld_sent = true; + } else { + $fld_sent = false; + } + + if ((isset($move_to_sent) && ($move_to_sent != 0)) || (!isset($move_to_sent))) { + $lcl_allow_sent = true; + } else { + $lcl_allow_sent = false; + } + + if (($fld_sent && $svr_allow_sent && !$lcl_allow_sent) || ($fld_sent && $lcl_allow_sent)) { + if ($action == 'reply' || $action == 'reply_all') { + $save_reply_with_orig=getPref($data_dir,$username,'save_reply_with_orig'); + if ($save_reply_with_orig) { + $sent_folder = $mailbox; + } + } + require_once(SM_PATH . 'class/deliver/Deliver_IMAP.class.php'); + $imap_deliver = new Deliver_IMAP(); + $imap_deliver->mail($composeMessage, $imap_stream, $reply_id, $reply_ent_id, $sent_folder); + unset ($imap_deliver); + } + + + // final cleanup + // + $composeMessage->purgeAttachments(); + sqimap_logout($imap_stream); + } return $success; }